Effective Date: May 12th 2021
What personal information do we collect and why?
Personal Information for purposes of this Privacy Statement is information that identifies or can identify a specific individual. API may obtain and retain information about individuals, particularly airline and cruise line crew members and employees, to include:
- Individual’s name, employee number, crew position (e.g., captain, first officer, flight attendant, or job title, etc.), base location (domicile), hire date, gender (only for specific airlines and cruise lines), associated flight, ship, deadhead, pairing, department, and accounting information as may be provided by the individual’s airline/cruise line for the purposes of performance of the individual’s work related activities.
- Information that associates individuals with assigned hotels and ground transportation providers as part of the individual’s work-related activities. This may include additional room / pick-up information such as confirmation numbers, etc.
- Cell phone or e-mail address information, as may be provided by you or your company, to receive work-related e-mails and/or SMS text messages. You have the ability to opt into and out of this service as contractually agreed-to with your airline/cruise line employer.
- Per diem (allowance) information may be obtained, derived, used and retained expressly as contractually agreed with your airline/cruise line.
- Information that an individual may voluntarily provide as feedback to API for a specific hotel or ground transportation service.
- Information that an individual may voluntarily provide to API for the purposes of booking leisure hotels (not associated with work-related activities). Note that API does not retain credit card information (except for the last four numbers of the credit card), however credit card information may be passed to third party systems and booking engines associated with the hotel booking process.
- Audit logs of user activity on API websites, such as date/time stamps, used in accordance with industry-standard security practices.
- My Crew Care Application stores your user profile for the persistent login feature of the application.
API does not collect personal information when you visit API’s web sites unless you choose to provide it to API.
With whom does API share personal information?
- API primarily provides personal information (such as name, employee ID, rank, and arriving/departing flight/cruise information) to third party hotel and ground transportation companies in accordance with the contractual agreements with your airline/cruise line employer. For selected airlines and cruise lines, API may also provide per diem (allowance) information to hotels in accordance with the contractual obligations with your airline /cruise line.
- API may provide personal information to third-party hotel booking engines and tools as may be necessary for fulfillment of our obligations to your airline/cruise line employer, or as part of your voluntary request for booking leisure hotels.
- API may provide any and all personal information we have in our databases with your airline/cruise line employer. This information may be included in reports, invoices, data marts etc.
- General database information may be shared with our software development partners for the sole use of analysis, programming, testing, monitoring and quality assurance of our technology solutions.
- We may provide personal information to national or law enforcement agencies as required by applicable law, or if we feel this action is necessary to protect our business, employers, suppliers or customers.
How do we use personal information?
API primarily uses your personal information for the management of hotel, ground transportation, and optionally per diem services associated with your airline/cruise line employer. This information is only used in accordance with API’s contractual obligations with your airline or cruise line. Other uses may include:
- Management of feedback you voluntarily provide to API regarding your layover experience.
- We may use your information to help you complete a transaction such booking a leisure hotel.
- Occasionally we may use your information to contact you to complete surveys that we use for quality assurance purposes.
- For information not voluntarily provided by you, API only uses and retains personal information in accordance with the contractual agreement between API and your airline/cruise line employer.
Choice and Consent
API receives and/or processes your personal as part of a contractual agreement with your airline/cruise line employer. For any optional services that API provides, such as receiving email or text messages of hotel changes, you will have the ability to opt into or out of these optional services.
How do we protect your personal information?
We want your crews to feel confident about using our Online Services, and we are committed to taking appropriate steps designed to protect the information we collect. While no Online Services can guarantee absolute security, we have implemented appropriate technical and organizational measures to protect the personal information that we collect and process about you.
International data transfers
The personal information we collect may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective). While such information is outside of your country of residence, it is subject to laws of such other countries, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country
Specifically, the servers of our Online Services are in the US. When we collect your personal information, we may process it in the US.
EU-US Privacy Shield
We have self-certified compliance with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from the European Union and the United Kingdom. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. To learn more about the Privacy Shield Principles and to view our certification, please visit here.
Under certain circumstances, we may be required to disclose your personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
You may have the right to access personal information that we hold about you and request that we correct, amend or delete it if it is inaccurate or processed in violation of the Privacy Shields.
If you have any inquiries or complaints about our handling of your personal information under the Privacy Shields, you should first contact us at firstname.lastname@example.org and we will respond to your inquiry promptly. If we are unable to satisfactorily resolve your complaint, or we fail to acknowledge your complaint in a timely fashion, we have further committed to cooperate and comply with the panel of European data protection authorities (DPAs) in the resolution of any Privacy Shield complaints. Individuals may also have the opportunity under certain conditions to invoke binding arbitration for complaints regarding the Privacy Shield not resolved by the above mechanisms. See here for additional information about binding arbitration.
In compliance with the Privacy Shield Principles, API commits to resolve complaints about our collection or use of your personal information. EU and UK individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Lodging Solutions d/b/a Accommodations Plus International (API) at:
Attn: TJ McCauley, Senior Information Risk Officer
265 Broadhollow Road
Melville, NY 11747
API has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit Submit a case with JAMS for more information or to file a complaint. The services of JAMS are provided at no cost to you.
For purposes of enforcing compliance with the Privacy Shield frameworks, we are subject to the investigatory and enforcement powers of the US Federal Trade Commission.
EU GDPR Representative
API Inc has appointed Fifth Square Limited as its Representative under the EU GDPR. This Representative may be contacted at:
Attn: Rune Pettersen
Wicklow A98 FY68
The Representative has been appointed as the criteria set out in Article 3(2), EU GDPR are met, specifically:
“This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union”
UK GDPR Representative
API Inc has appointed Fifth Square Limited as its Representative under the UK GDPR. This Representative may be contacted at:
Attn: Simon Ghent
1 Fishpond Way,
The Representative has been appointed as the criteria set out in Article 3(2), UK GDPR are met, specifically:
“This Regulation applies to the processing of personal data of data subjects who are in the United Kingdom by a controller or processor not established in the United Kingdom, where the processing activities are related to the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the United Kingdom”
Cookies do not identify you personally, just the computer or device you are using. Cookies help to making it easier for you to log on to and use our site during future visits, navigate between pages efficiently, remember your preferences and improve the user experience. They also allow us to monitor traffic on our site.
The cookies we use may fall into one or more of the following categories:
- a) Analytics/performance cookies: Every visit generates an ‘anonymous analytics cookie’ which tell us your whether you’ve visited our site before, which allows us to track how many users we have, and how often they visit our site. We use these cookies to gather statistics and maintain our site performance.
- b) Functionality cookies: These allow us to remember choices you make and provide enhanced, more personal features. For example, remembering your email address and preferences on our website, so you don’t have to choose them each time you visit.
- c) Strictly Necessary: These are cookies that are needed for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
My Crew Care Application
When accessing the My Crew Care mobile application, you will be presented with a range of optional functions the application could have access to, such as location data, phone data, photos/media/ files, storage, camara and other data.
To enable your mobile device to access any of the features listed above, you will be asked for your explicit consent by a pop-up notification. It is your choice whether you enable any of these features by accepting the pop-up notification.
The My Crew Care application will only store your user profile. It does not store any other personal data, even if you enable any of the functions listed above, by accepting the pop-up notification.
Changes to This Notice and How to Contact Us
How to contact us
If you have any questions or concerns about our use of your personal information and information within this policy, please contact us via the Contact Us Section on our customer services portal here.
If you have any further questions or are unsatisfied with our response to any data protection issues you raise with us, you have the right to contact the appropriate Data Protection Authority within your Country or Region which is tasked with the protection of personal data and privacy.